NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Honeypots List> 2002-q2

From: Dustin Trammell (DTrammellPENSON.COM)
Date: Fri May 17 2002 - 09:31:55 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> is it posible to setup iptables to launch a program or shellscript if the
> packet matchs a spasific rule? i have checked the man file and didnt find
> anything but i might have missed it. is there a module that does it? if
not
> how would i do something like that? thanks for your time

I use SEC monitoring a named pipe that syslog is configured to write to.
Use the iptables "-j LOG" switch to send matches to syslog. For example, my
INPUT policy's final (cleanup) DROP rule:

iptables -A INPUT -j LOG --log-prefix "$pkey input cleanup "
iptables -A INPUT -j DROP

Ref: SEC http://www.estpak.ee/~risto/sec/

--- Dustin D. Trammell Information Security Specialist Penson Financial Services, Inc.

--------------------------------------------------------------------- To unsubscribe, e-mail: honeypots-unsubscribesecurityfocus.com For additional commands, e-mail: honeypots-helpsecurityfocus.com --------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities. Please, see: https://alerts.securityfocus.com/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]